So, this was a concerning development regarding Zoom that hit my feed yesterday.
Today, we uncovered two (local) security issues affecting Zoom’s macOS application. Given Zoom’s privacy and security track record this should surprise absolutely zero people.
First, we illustrated how unprivileged attackers or malware may be able to exploit Zoom’s installer to gain root privileges.
Following this, due to an ‘exception’ entitlement, we showed how to inject a malicious library into Zoom’s trusted process context. This affords malware the ability to record all Zoom meetings, or, simply spawn Zoom in the background to access the mic and webcam at arbitrary times! 😱
The former is problematic as many enterprises (now) utilize Zoom for (likely) sensitive business meetings, while the latter is problematic as it affords malware the opportunity to surreptitiously access either the mic or the webcam, with no macOS alerts and/or prompts.
Given most companies don’t really have a choice right now but to run meetings remotely, Zoom needs to fix its shit. This is not acceptable.
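For anyone wanting to check the apps on their own fleet for the pattern in the quote, here is an added example (not from the quoted research, Zoom, or the original post): a Python audit of an entitlements plist, as dumped by `codesign -d --entitlements`, that flags a hardened-runtime exception sitting next to mic/camera entitlements. The quote does not name the entitlement involved, so the keys below are Apple's documented ones and an assumption here; the sample plist is constructed.

```python
import plistlib
import struct

# Hardened-runtime exception entitlements (Apple-documented keys; assumption,
# the post does not say which one the application carried).
RUNTIME_EXCEPTIONS = {
    "com.apple.security.cs.disable-library-validation":
        "loads libraries not signed by Apple or the app's own team",
    "com.apple.security.cs.allow-dyld-environment-variables":
        "honours DYLD_* environment variables",
}
# Entitlements that let a hardened-runtime process request capture devices.
DEVICE_ACCESS = {
    "com.apple.security.device.audio-input": "microphone",
    "com.apple.security.device.camera": "camera",
}
# Magic of the embedded-entitlements blob header that may precede the XML.
ENTITLEMENT_BLOB_MAGIC = 0xFADE7171


def parse_entitlements(raw: bytes) -> dict:
    """Parse dumped entitlements, with or without the 8-byte blob header."""
    if len(raw) >= 8 and struct.unpack(">I", raw[:4])[0] == ENTITLEMENT_BLOB_MAGIC:
        length = struct.unpack(">I", raw[4:8])[0]  # length includes the header
        raw = raw[8:length]
    return plistlib.loads(raw) if raw.strip() else {}


def audit(raw: bytes) -> dict:
    ents = parse_entitlements(raw)
    exceptions = sorted(k for k in RUNTIME_EXCEPTIONS if ents.get(k) is True)
    devices = sorted(v for k, v in DEVICE_ACCESS.items() if ents.get(k) is True)
    # Code loaded into the process runs with the host app's device permissions,
    # so a loading exception plus device access is the combination to escalate.
    risk = "high" if exceptions and devices else "review" if exceptions else "ok"
    return {"risk": risk, "exceptions": exceptions, "devices": devices}


# Constructed sample, not taken from any real application.
SAMPLE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
<key>com.apple.security.device.audio-input</key><true/>
<key>com.apple.security.device.camera</key><true/>
<key>com.apple.security.cs.disable-library-validation</key><true/>
</dict></plist>"""

if __name__ == "__main__":
    print(audit(SAMPLE))
```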